package com.carefree.system.modules.security.expression;

import com.carefree.system.modules.security.entity.CustomUserDetails;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

import java.util.List;

/**
 * @ClassName:CustomSecurityExpress
 * @Description: 自定义权限校验
 * @Author Tengbin tengbin234@163.com
 */
//@Component("customSecurityExpression")
public class CustomSecurityExpression {


    /**
     * 判断用户是否有该权限  @PreAuthorize("@customSecurityExpression.hasAuthority('btn:role:list')")
     *
     * @param authority 权限名
     * @return
     */
    public boolean hasAuthority(String authority) {
        // 获取当前用户的权限信息
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        CustomUserDetails customUserDetails = (CustomUserDetails) authentication.getPrincipal();
        List<String> permissionList = customUserDetails.getPermissionList();
        return permissionList.contains(authority);
    }


}
